Supporting different x_auth_access_types with oauth/authenticate


#1

I’ve registered my app as “Read and write” and have allowed “Sign in with Twitter.”

My app has some features that just require sign-in, and others that require write access.

I would like to escalate users from Read-only to Read-and-write when they want to use a feature that requires write access.

I’m running into a problem using Twitter’s oauth/authenticate for automatic redirect when a user is signing in and has already authenticated.

Here’s the problem:

For my Sign In button, I set the x_auth_access_type to “read.” Unless I set this parameter, it defaults to “read and write.” Because I have read-only features, I don’t want write access by default.

If a user chooses a feature that requires write access, I send them to oauth/authorize with x_auth_access_type = “write.” This promotes the account as expected.

The issue is when a promoted user signs out and wants to sign back in. Now my Sign In button, with x_auth_access_type set to read, forces a user to re-authenticate the app with read-only permissions. It does this instead of automatically redirecting back to my application (the desired result).

If I remove the x_auth_access_type parameter (or set it to “write”), then promoted users redirect fine, but I have no way of providing a read-only Sign In.

Is there a way to provide automatic redirect regardless of the user’s access level?